Vulnerability Details CVE-2021-26943
The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.6%
CVSS Severity
CVSS v3 Score 8.2
CVSS v2 Score 7.2
References
Products affected by CVE-2021-26943
-
cpe:2.3:h:asus:ux360ca:-
-
cpe:2.3:o:asus:ux360ca_bios:-
-
cpe:2.3:o:asus:ux360ca_bios:303